<?php

// 1.将timestamp,nonce,token按字典序排序
$nonce     = $_GET['nonce'];
$token     = 'songyanfengzhenshuai';
$timestamp = $_GET['timestamp'];
$echostr   = $_GET['echostr'];
$signature = $_GET['signature'];



// 2.将排序后的三个参数拼接后通过sha1加密
$array = [$timestamp, $nonce, $token];
sort($array);
$tmpstr = implode('', $array);
$tmpstr = sha1($tmpstr);

// 3.将加密后的字符串与signature进行对比,判断该请求是否来自微信
if ($tmpstr == $signature && $echostr) {
	echo $echostr;
	exit;
}